@article{Wang_Hu_Guan_Zhang_Shi_2020, title={ Exploring Secret Keys in Searching Integral Distinguishers Based on Division Property}, volume={2020}, url={https://tosc.iacr.org/index.php/ToSC/article/view/8703}, DOI={10.13154/tosc.v2020.i3.288-304}, abstractNote={<p>Division property proposed by Todo at EUROCRYPT 2015 is a generalized integral property. Then, conventional bit-based division property (CBDP) and bitbased division property using three subsets (BDPT) were proposed by Todo and Morii at FSE 2016. At ASIACRYPT 2016, Xiang <em>et al.</em> extended Mixed Integer Linear Programming (MILP) method to search integral distinguishers based on CBDP. And at ASIACRYPT 2019, Wang <em>et al.</em> proposed an MILP-aided method of searching integral distinguishers based on BDPT. Although BDPT is powerful in searching integral distinguishers, the accuracy is not perfect.<br>For block cipher SPECK32, as the block size is only 32 bits, we can experimentally observe the behaviors of all the plaintexts under a fixed key. By testing 2<sup>10</sup> random secret keys, we experimentally find a better integral distinguisher of 6-round SPECK32 with 30 active bits. But this experimental integral distinguisher cannot be proved by existing methods. So there still exists a gap between the proved distinguisher and the experimental one.<br>To fill the gap, we explore secret keys in searching integral distinguishers based on BDPT. We put forward a situation where “Xor with The Secret Key” operation can be bypassed. Based on the new BDPT propagation rule, an improved automatic algorithm of searching integral distinguishers is proposed. For SPECK32, our improved algorithm can find the 6-round integral distinguisher with 2<sup>30</sup> chosen plaintexts. The gap between the proved distinguisher and the experimental one is filled. Moreover, we apply this improved method to search the integral distinguishers of SPECK, KATAN/KTANTAN, SIMON, SIMECK, SIMON(102), PRESENT and RECTANGLE block ciphers. The integral distinguishers found by our improved method are better than or consistent with the previous longest distinguishers.</p>}, number={3}, journal={IACR Transactions on Symmetric Cryptology}, author={Wang, Senpeng and Hu, Bin and Guan, Jie and Zhang, Kai and Shi, Tairong}, year={2020}, month={Sep.}, pages={288–304} }